Microsoft has expanded its bug bounty program for the .NET framework, offering rewards up to $40,000 for critical vulnerability reports. The initiative now includes a broader scope of technologies and clearer evaluation criteria to encourage detailed and impactful bug submissions. #dotNet #ASP.NETCore #BugBounty
Keypoints
- Microsoft increased the maximum reward for vulnerabilities in the .NET ecosystem to $40,000.
- The bug bounty program now covers all supported versions of .NET, ASP.NET Core, F#, and related technologies.
- Rewards vary based on report completeness and potential impact, with higher payouts for critical-severity flaws.
- Evaluation criteria have been clarified, emphasizing functional exploits over theoretical scenarios.
- The update aims to improve transparency and encourage detailed vulnerability reports to enhance security.
Read More: https://www.securityweek.com/microsoft-boosts-net-bounty-program-rewards-to-40000/